Assessing vulnerabilities related to and the credibility of cryptographic material in systems is a difficult problem. Many solutions attempt to evaluate various aspects of a system or protocols in isolation to identify whether vulnerabilities exist. However, aspects evaluated in isolation do not always provide a good understanding of the security or trustworthiness of a system or process.